CVE-2025-12619
Published: 03 November 2025
Summary
CVE-2025-12619 is a high-severity Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) vulnerability in Tenda A15 Firmware. Its CVSS base score is 7.4 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 36.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Deeper analysis
CVE-2025-12619 is a buffer overflow vulnerability affecting the Tenda A15 router on firmware version 15.13.07.13. The flaw resides in the fromSetWirelessRepeat function within the /goform/openNetworkGateway file, where manipulation of the wpapsk_crypto2_4g argument triggers the overflow. It is classified under CWE-119 and CWE-120, with a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
The vulnerability enables remote exploitation over the network with low complexity and no user interaction required. Attackers need low privileges, such as those of an authenticated user, to trigger it. Successful exploitation can result in high impacts to confidentiality, integrity, and availability, potentially allowing arbitrary code execution, data compromise, or denial of service on the affected device.
Advisories and details are documented on VulDB (ctiid.330913, id.330913, submit.678888), with an exploit publicly available via a Baidu link and general information on the Tenda website (tenda.com.cn). No specific patch or mitigation steps are detailed in the provided references.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-37476
Vulnerability details
A vulnerability was found in Tenda A15 15.13.07.13. Affected is the function fromSetWirelessRepeat of the file /goform/openNetworkGateway. The manipulation of the argument wpapsk_crypto2_4g results in buffer overflow. The attack can be launched remotely. The exploit has been made public and…
more
could be used.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Remote buffer overflow in the Tenda A15 router's web interface (/goform/openNetworkGateway) enables arbitrary code execution via public-facing application exploitation.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
SI-10 requires validation of information inputs like the wpapsk_crypto2_4g argument to prevent buffer overflows from manipulated data.
SI-2 mandates monitoring, identification, and remediation of flaws such as this buffer overflow via firmware patching.
SI-16 implements memory protection mechanisms like address space layout randomization to mitigate arbitrary code execution from buffer overflows.